<?
include "config.php";

if(TRANSFER_KEY != $_GET['transferKEY']){echo "Your access is forbidden. Thank you."; exit;}

$filecode = $_GET['filecode'];
$username = $_GET['username'];
$password = $_GET['password'];
$tags = $_GET['tags'];
$status = $_GET['status'];

//echo "da";
$sql = mysql_query("select id from filebin_users where user_name='".$loc->db_cmp($username)."' and pass_word='".$loc->db_in($password)."'");
$resEx = mysql_fetch_array($sql);
//echo "da1";
if(!$resEx['id']){echo "Your access is forbidden. Thank you."; exit;}

$sqlF = mysql_query("select id,uid,filecode from filebin_files where uid='".$loc->db_cmp($resEx['id'])."' and filecode='".$loc->db_cmp($filecode)."'");
$resFEx = mysql_fetch_array($sqlF);
echo "da2\n".$loc->db_in($status)."\n";
if(!$resFEx['uid']){echo "Your access is forbidden. Thank you."; exit;}



mysql_query("update filebin_files set tags = '".$loc->db_in($tags)."' , status='".$loc->db_in($status)."' where id='".$resFEx['id']."'");

?>